in ecrtokenrefresher/pkg/secrets/aws/aws.go [94:145]
func (aws *AwsSecret) getCredentials() ([]*secrets.Credential, error) {
utils.InfoLogger.Println("fetching auth data from AWS... ")
// Default AWS Region to us-west-2 if not set by User.
_, ok := os.LookupEnv(envRegionName)
if !ok {
err := os.Setenv(envRegionName, regionDefault)
if err != nil {
return nil, err
}
}
var ecrRegs []*string
defID := defaultAccountID
ecrRegs = append(ecrRegs, &defID)
devID := devAccountID
ecrRegs = append(ecrRegs, &devID)
svc := ecr.New(session.Must(session.NewSession()))
token, err := svc.GetAuthorizationToken(&ecr.GetAuthorizationTokenInput{RegistryIds: ecrRegs})
if err != nil {
return nil, err
}
if token == nil {
return nil, fmt.Errorf("response output from ECR was nil")
}
if len(token.AuthorizationData) == 0 {
return nil, fmt.Errorf("authorization data was empty")
}
var creds []*secrets.Credential
for _, auth := range token.AuthorizationData {
decode, err := base64.StdEncoding.DecodeString(*auth.AuthorizationToken)
if err != nil {
return nil, err
}
parts := strings.Split(string(decode), ":")
if len(parts) != 2 {
return nil, fmt.Errorf("error parsing username and password from authorization token")
}
cred := secrets.Credential{
Username: parts[0],
Password: parts[1],
Registry: *auth.ProxyEndpoint,
}
creds = append(creds, &cred)
}
utils.InfoLogger.Println("success.")
return creds, nil
}